const { exec, escapeAndXSS } = require('../db/mysql')
const { genPassword } = require('../utils/cryp')

const login = (username, password) => {
  username = escapeAndXSS(username)
  password = escapeAndXSS(password)

  // 生成加密密码
  password = genPassword(password)

  const sql = `
    select username, realname from users 
    where username='${username}' and password='${password}'
  `

  return exec(sql).then(rows => {
    return rows[0] || {}
  })
}

module.exports = {
  login
}
